Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ICyxL55iGsOkmXYjR5qTYUwHajY.roa
File: ICyxL55iGsOkmXYjR5qTYUwHajY.roa (raw, json)
Hash identifier: Y7wCtPStImmtw5VV9O9+IQH962EZ/assjnU78YNe6sk=
Subject key identifier: 20:2C:B1:2F:9E:62:1A:C3:A4:99:76:23:47:9A:93:61:4C:07:6A:36
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E77B3744F1BF883028C2E7F66A4A47
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ICyxL55iGsOkmXYjR5qTYUwHajY.roa
Signing time: Mon 02 Jan 2023 05:14:56 +0000
ROA not before: Mon 02 Jan 2023 05:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39753
IP address blocks: 2a10:2f01:100::/40 maxlen: 48
2a0e:b107:24::/46 maxlen: 48
Validation: Failed, certificate revoked on Mon 23 Jan 2023 10:50:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:7b:37:44:f1:bf:88:30:28:c2:e7:f6:6a:4a:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=202cb12f9e621ac3a4997623479a93614c076a36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b9:a2:a4:2d:52:8b:c6:aa:a6:70:2d:79:a0:
1f:95:ad:2b:3f:e0:c9:b2:5e:de:f7:89:24:0a:f1:
6c:75:ef:fe:9b:93:f9:cd:b1:d5:81:78:a9:08:77:
77:f8:61:b1:b9:23:f1:11:5b:a6:f5:7c:b0:17:08:
ce:3c:f5:15:e5:87:92:40:18:40:05:66:27:85:9d:
fe:75:14:a0:13:0e:73:9c:63:a3:d4:0c:c0:5f:04:
66:99:9f:27:f0:cf:61:2f:43:f5:88:f5:93:f8:db:
71:0b:1f:c6:55:de:c6:50:37:3f:5e:0b:04:4a:fa:
2b:d5:93:91:e3:7f:be:a1:a2:6f:ac:80:22:a6:8b:
e3:77:56:c9:b1:1a:ac:f3:d1:1a:11:7e:78:af:e4:
e4:1d:bb:8c:89:d4:c9:8e:40:ad:7f:00:4d:be:28:
42:f0:c3:ed:8e:e0:0a:f5:57:77:ee:49:b8:85:db:
52:a9:ab:64:22:46:d0:79:de:1f:41:be:b8:3d:03:
e7:b8:94:a3:5a:e0:3d:c6:25:96:90:43:6d:40:bb:
67:58:80:91:33:2b:36:1d:55:71:c1:08:87:06:1f:
9c:7e:b8:4c:33:36:d5:f4:07:f3:5f:ba:d7:70:f9:
7c:cc:28:34:d2:37:08:89:41:7e:d0:77:1a:b7:6b:
f7:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:2C:B1:2F:9E:62:1A:C3:A4:99:76:23:47:9A:93:61:4C:07:6A:36
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ICyxL55iGsOkmXYjR5qTYUwHajY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:24::/46
2a10:2f01:100::/40
Signature Algorithm: sha256WithRSAEncryption
94:b0:6e:9f:9d:26:6d:4f:6b:53:b2:57:2c:a4:7f:fb:e9:16:
37:1b:f2:b2:37:0a:bf:9e:7c:1b:cf:cc:fd:7e:70:06:fa:35:
43:08:7a:29:dd:c1:e3:18:61:1a:80:18:f0:c5:5d:20:ab:b3:
c5:04:44:90:f0:ad:bd:26:11:98:c0:cd:c3:cf:39:75:10:7c:
38:49:e5:ca:b1:95:92:10:70:23:2d:15:e1:ce:64:b7:1a:ed:
21:07:07:1d:02:58:0c:d0:6e:e0:6d:95:3a:75:8e:42:98:c0:
0e:f0:ae:fb:49:99:8f:ea:be:69:09:eb:58:1a:c9:73:0f:5a:
8f:0a:bc:43:c0:f0:55:e5:10:bc:98:32:5f:8d:0e:91:8d:f6:
71:1c:46:c5:b3:47:df:25:b5:53:9b:ef:b1:3e:ad:6a:96:bd:
9e:b9:50:8b:e8:17:23:1e:17:d6:41:b1:7b:14:06:3b:57:11:
8b:df:31:b7:76:d3:82:f1:c8:f1:60:e1:e3:78:08:09:19:1f:
8a:f3:6b:f5:ec:28:8d:13:59:a3:df:99:03:52:b6:fa:87:60:
e9:5f:be:fe:ff:68:bb:ac:61:1c:b2:bc:17:d6:89:1a:14:c5:
e2:c9:c3:e2:0a:a1:0b:74:4b:70:95:50:17:15:ef:19:df:e4:
82:29:e2:97
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYVw53s3RPG/iDAowuf2akpHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDJjYjEyZjllNjIxYWMzYTQ5OTc2MjM0NzlhOTM2MTRjMDc2YTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbmipC1Si8aqpnAteaAfla0rP+DJ
sl7e94kkCvFsde/+m5P5zbHVgXipCHd3+GGxuSPxEVum9XywFwjOPPUV5YeSQBhA
BWYnhZ3+dRSgEw5znGOj1AzAXwRmmZ8n8M9hL0P1iPWT+NtxCx/GVd7GUDc/XgsE
Svor1ZOR43++oaJvrIAipovjd1bJsRqs89EaEX54r+TkHbuMidTJjkCtfwBNvihC
8MPtjuAK9Vd37km4hdtSqatkIkbQed4fQb64PQPnuJSjWuA9xiWWkENtQLtnWICR
Mys2HVVxwQiHBh+cfrhMMzbV9AfzX7rXcPl8zCg00jcIiUF+0Hcat2v3SQIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFCAssS+eYhrDpJl2I0eak2FMB2o2MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvSUN5eEw1NWlHc09rbVhZalI1cVRZVXdIYWpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcCKg6xBwAk
AwYAKhAvAQEwDQYJKoZIhvcNAQELBQADggEBAJSwbp+dJm1Pa1OyVyykf/vpFjcb
8rI3Cr+efBvPzP1+cAb6NUMIeindweMYYRqAGPDFXSCrs8UERJDwrb0mEZjAzcPP
OXUQfDhJ5cqxlZIQcCMtFeHOZLca7SEHBx0CWAzQbuBtlTp1jkKYwA7wrvtJmY/q
vmkJ61gayXMPWo8KvEPA8FXlELyYMl+NDpGN9nEcRsWzR98ltVOb77E+rWqWvZ65
UIvoFyMeF9ZBsXsUBjtXEYvfMbd204LxyPFg4eN4CAkZH4rza/XsKI0TWaPfmQNS
tvqHYOlfvv7/aLusYRyyvBfWiRoUxeLJw+IKoQt0S3CVUBcV7xnf5IIp4pc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:29 2024 by rpki-client on console-fra.rpki-client.org